Lucene search
K

201 matches found

NVD
NVD
added 2023/10/09 11:15 a.m.26 views

CVE-2023-45613

In JetBrains Ktor before 2.3.5 server certificates were not verified...

9.1CVSS7.3AI score0.00298EPSS
Exploits0References1
Prion
Prion
added 2023/10/09 11:15 a.m.21 views

Default configuration

In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE...

7.5CVSS9.4AI score0.00595EPSS
Exploits6References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/09 10:20 a.m.14 views

CVE-2023-45613

In JetBrains Ktor before 2.3.5 server certificates were not verified...

6.8CVSS6.9AI score0.00298EPSS
Exploits0References1
CVE
CVE
added 2023/10/09 10:20 a.m.72 views

CVE-2023-45613

The CVE-2023-45613 entry concerns JetBrains Ktor prior to 2.3.5 where server certificates are not verified, creating a trust-management vulnerability. The Red Hat/EUVD/OSV/etc. entries and PT-2023-29593 describe the issue consistently as a failure to validate server certificates in Ktor versions ...

9.1CVSS9.2AI score0.00298EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/09 10:20 a.m.30 views

CVE-2023-45613

In JetBrains Ktor before 2.3.5 server certificates were not verified...

6.8CVSS9.5AI score0.00298EPSS
Exploits0References1
OSV
OSV
added 2023/10/09 10:20 a.m.17 views

CVE-2023-45613

In JetBrains Ktor before 2.3.5 server certificates were not verified...

6.8CVSS7.2AI score0.00298EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/10/09 10:20 a.m.33 views

CVE-2023-45612

In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE...

8.6CVSS9.7AI score0.00595EPSS
Exploits6References1
Vulnrichment
Vulnrichment
added 2023/10/09 10:20 a.m.18 views

CVE-2023-45612

In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE...

8.6CVSS6.8AI score0.00595EPSS
Exploits6References1
CVE
CVE
added 2023/10/09 10:20 a.m.62 views

CVE-2023-45612

CVE-2023-45612 affects JetBrains Ktor with the ContentNegotiation XML format enabled in versions before 2.3.5. The root cause is an insecure default XML configuration that allows external entity processing, enabling XXE. Exploitation can lead to file disclosure (e.g., reading server files) and SS...

9.8CVSS9.4AI score0.00595EPSS
Exploits6References1Affected Software1
OSV
OSV
added 2023/10/09 10:20 a.m.28 views

CVE-2023-45612

In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE...

8.6CVSS7.1AI score0.00595EPSS
Exploits6References3
CNNVD
CNNVD
added 2023/10/09 12:0 a.m.4 views

JetBrains Ktor Trust Management Issues Vulnerability

The JetBrains Ktor framework is a web application framework from the Czech company JetBrains. A trust management issue vulnerability exists in JetBrains Ktor versions prior to 2.3.5, which stems from a failure to validate server certificates, resulting in a trust management issue vulnerability...

9.1CVSS6.7AI score0.00298EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/09 12:0 a.m.5 views

JetBrains Ktor Code Issue Vulnerability

JetBrains Ktor framework is a web application framework from the Czech company JetBrains. A code issue vulnerability exists in JetBrains Ktor versions prior to 2.3.5 that stems from an XML External Entity Injection XXE vulnerability in the default configuration of ContentNegotiation...

9.8CVSS7.2AI score0.00595EPSS
Exploits6References2
Positive Technologies
Positive Technologies
added 2023/10/09 12:0 a.m.8 views

PT-2023-29593 · Jetbrains · Jetbrains Ktor

Name of the Vulnerable Software and Affected Versions: JetBrains Ktor versions prior to 2.3.5 Description: The issue concerns the verification of server certificates. In affected versions, server certificates were not verified. Recommendations: For versions prior to 2.3.5, update to version 2.3.5...

9.1CVSS9.2AI score0.00298EPSS
Exploits0References7
NVD
NVD
added 2023/06/01 7:15 p.m.25 views

CVE-2023-34339

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message...

3.3CVSS4AI score0.0021EPSS
Exploits0References1
Prion
Prion
added 2023/06/01 7:15 p.m.19 views

Authentication flaw

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message...

1.7CVSS4.2AI score0.0021EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/06/01 6:12 p.m.48 views

CVE-2023-34339

CVE-2023-34339 affects JetBrains Ktor prior to 2.3.1. The issue is that headers containing authentication data could be added to exception messages, enabling potential exposure of sensitive information. Multiple connected sources (Red Hat, Veracode, CVE lists) confirm the same impact and scope. T...

3.3CVSS4.2AI score0.0021EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/01 6:12 p.m.27 views

CVE-2023-34339

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message...

3.3CVSS4.4AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/01 6:12 p.m.9 views

CVE-2023-34339

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message...

3.3CVSS4.1AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2023/06/01 6:12 p.m.15 views

CVE-2023-34339

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message...

3.3CVSS7.3AI score0.0021EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/01 12:0 a.m.5 views

PT-2023-24824 · Jetbrains · Jetbrains Ktor

Name of the Vulnerable Software and Affected Versions: JetBrains Ktor versions prior to 2.3.1 Description: The issue allows headers containing authentication data to be added to the exception's message. This could potentially expose sensitive information. Recommendations: For versions prior to...

3.3CVSS3.9AI score0.0021EPSS
Exploits0References6
Rows per page
Query Builder